Next story in Security

Video: Hacking investigation points to N. Korea

SEOUL, South Korea — South Korean Web sites were attacked again Thursday after a wave of Web site outages in the U.S. and South Korea that several officials suspect North Korea was behind.

Seven sites — one belonging to the government and the others to private entities — were attacked in the third round of cyber assaults, said Ku Kyo-young, an official from the state-run Korea Communications Commission. The latest attack began around 6:30 p.m. (5:30 a.m. ET) Thursday.

Earlier in the day, the country's leading computer security company, AhnLab, had warned of a new attack after analyzing a virus program that sent a flood of Internet traffic to paralyze Web sites in both South Korea and the United States.

About two hours after the latest assault, all but one shopping site were working normally. The Yonhap news agency had earlier reported that the Web site of the leading Kookmin Bank was down for about 30 minutes.

Twelve South Korean sites were initially hit Tuesday, followed by strikes Wednesday on 10 others, including those for government offices. The U.S. targets included the White House, Pentagon, Treasury Department and the Nasdaq stock exchange.

Like previous ones, the latest assault was also caused by so-called denial of service attacks in which floods of computers try to connect to a single site at the same time, overwhelming the server, the commission official said.

Some South Korean sites hit in the past few days remained inaccessible or unstable on Thursday, including the National Cyber Security Center, affiliated with the main spy agency. No major disruptions, however, were reported.

"The damage from the latest attack appears to be limited because those sites took necessary measures to fend off the attack," Ku said.

‘Merciless annihilation’Seoul's main intelligence agency, the National Intelligence Service, informed members of parliament's intelligence committee Wednesday that it believes North Korea or pro-Pyongyang forces were behind the cyber attacks, a lawmaker said.

Park Young-sun, a member of the committee, said Thursday that a senior intelligence official told her the NIS suspects the North because the country warned it won't tolerate what it claimed were South Korean moves to participate in a U.S.-led cyber warfare exercise, according to a statement from the opposition Democratic Party.

North Korea has not responded to the allegations.

On Thursday evening, Pyongyang's agency in charge of relations with Seoul renewed long-running accusations that South Korea is plotting to invade it and warned of "merciless annihilation" if attacked. But the agency made no mention of the charges against the regime.

The South's intelligence agency said in a statement Thursday that it was strengthening cyber security measures for government computer networks, citing a possible new wave of attacks that could target national infrastructure operators like energy, telecommunications and media companies.

Cyber attackSo far, there were no immediate reports of financial damage or leaking of confidential national information, according to the Korea Information Security Agency. The attacks appeared aimed only at paralyzing Web sites.

The spy agency did not mention suspected North Korean involvement and only repeated it was closely cooperating with the U.S. and other countries to discover the origin of the attacks. On Wednesday, it said the sophistication of the attacks suggested they were carried out at a higher level than rogue or individual hackers.

Internet addresses tracedU.S. authorities also eyed North Korea as the origin of the trouble, though they warned it would be difficult to identify the attackers quickly.

Three U.S. officials said while Internet addresses have been traced to North Korea, that does not necessarily mean the attack involved Kim Jong Il's government in Pyongyang. They spoke on condition of anonymity because they were not authorized to speak publicly on the matter.

South Korean media reported in May that North Korea was running a cyber warfare unit that tries to hack into U.S. and South Korean military networks to gather confidential information and disrupt service.

The communist North has recently engaged in a series of threats and provocative actions widely condemned by the international community, including a nuclear test and missile launches.

In Italy, Japan urged other Group of Eight countries to step up pressure on Pyongyang to stop "provocative actions."

Japanese Foreign Ministry press secretary Kazuo Kodama said he couldn't discuss whether Japan had been hit by cyber attacks. Kodama spoke on the sidelines of the meeting of world leaders in L'Aquila, Italy.

Britain's Cabinet Office said it would not comment on suspected attacks in other countries, or disclose whether British government systems have come under recent attack.

Terrorism minister Alan West, who has ordered a new cyber security unit to be set up by September, said last month that government data systems had probably been targeted, but declined to offer specifics and insisted no sensitive data had been compromised.

U.S. attacks
The powerful attack targeting dozens of government and private sites in the U.S. earlier in the week underscored how unevenly prepared the government was to block such multipronged assaults.

While Treasury Department and Federal Trade Commission Web sites were shut down by the software attack, which lasted for days over the holiday weekend, others such as the Pentagon and the White House were able to fend it off with little disruption.